Presentation is loading. Please wait.

Presentation is loading. Please wait.

John Chapman, Janet Fall 2012 Internet 2 Member Meeting 3 October 2012 Trust me, I’m an engineer: Engineering trust using a Trust Router infrastructure.

Similar presentations


Presentation on theme: "John Chapman, Janet Fall 2012 Internet 2 Member Meeting 3 October 2012 Trust me, I’m an engineer: Engineering trust using a Trust Router infrastructure."— Presentation transcript:

1 John Chapman, Janet Fall 2012 Internet 2 Member Meeting 3 October 2012 Trust me, I’m an engineer: Engineering trust using a Trust Router infrastructure

2 What do we mean by ‘Trust’ Trust infrastructures Trust in a Moonshot Service Trust Router – a new concept Questions Trust me... Photo Credit: (CC) BY-NC-SA by szczelszczel

3 Trust engineering is concerned with the design & construction of trust infrastructure Trust infrastructure helps actors make reasoned decisions about appropriate trust in other actors Trust infrastructure consists of: – Policies that set expectations – Technologies that derive the trust decisions – Applications that leverage/exploit the decisions What is trust engineering?

4 Why ‘science’? – Involves application of ideas and methods from computer science (often, but not exclusively, cryptography) Why ‘art’? – How we reason is a function of our cultural & socio-economic environment (social conventions, legal systems, business context, etc.) Infrastructure is tangible; reasoning is intangible Trust engineering – a science and an art

5 Reasoning the Chasm of Incredulity A proposition Trusted knowledge Chasm of Incredulity Leap of faith Empiricism Induction Piranha Pond

6 Induction, empiricism, trust & fallibility Clifton suspension bridge, Bristol (planning commenced 1753; constructed completed 1864) “The pier on the Leigh Woods side stands on a 33 metre red sandstone abutment. For a hundred and fifty years it was believed the support was solid. But amazingly in 2002 it was discovered the abutment was actually hollow - made up of a sequence of gigantic chambers.”

7 Trust Apple...

8 Organisation – Kerberos / Windows Domains for corporate ICT services – Various Web SSO solutions using variety of hacks/technologies National/Regional – Web SSO federations, principally using SAML metadata PKI – National/European Grid Infrastructure(s) using x.509 PKI – Other x.509 PKI initiatives (e.g., GÉANT’s eduPKI) Global – Internet x.509 PKI (with TERENA enabling purchasing aggregation) – IGTF, principally using x.509 PKI – eduroam using RADIUS (and RadSec/x.509 PKI) – eduGAIN using SAML metadata PKI Important R&E trust infrastructures today

9 Our customers would prefer to deploy fewer technologies; and preferably just one However a single trust technology must support the policy requirements of a broad range of communities distributed across our customers; there is no “one size fits all” Today’s hierarchical organisation of R&E trust infrastructure (campus  national  regional  global) is increasing irrelevant to our customers, who need multiple trust infrastructures (not multiple technologies!) reflecting their relationships with other organisations globally Some reflections on these trust infrastructures

10 Where we are & where we want to get to Trust technology Communities Use cases

11 Collapsing to a single trust technology Baseline Trust Policy Community Use cases spanning one or more communities

12 Current Federations eduroam service Based on RADIUS technology Typically for making security claims for network single sign-on Identity federation Based on SAML technology Typically for making security claims for web single sign-on Certificate service Based on X.509 technology Typically for making security claims for SSL-based applications

13 Lower the barriers to business between our customers Reduce the cost and time to market for new services Drive down operational costs for both Janet and our customers Allow communities themselves to create and run communities Unify a complex set of trust establishment techniques

14 Helpful to segregate communities into logical groups ‘Community of Registration’ (CoR) – A collection of registrations representing each customer – Common registration policy is relatively easy to define (e.g., NIST , WebTrust, etc) ‘Community of Interest’ (CoI) – A collection of these customer representations – CoIs have any kind of policy; very difficult to normalise Community-centric Federation

15 Janet Community of Registration “Janet customer” Community of Interest “Local government” Community of Interest “Health services” Community of Interest CoRs and CoI A A B B A A B B C C D D E E F F C C D D E E D D

16 Efficient & robust Significant scalability – Janet’s target use cases imply 100Ks of RPs Support for numerous and diverse communities – These will be organised arbitrarily, across many organisational and national boundaries Integration with diverse use cases & applications One trust technology, supporting multiple trust infrastructures, for any use case Technology requirements

17 Introducing… …Trust Router

18 The final major output of Project Moonshot: https://community.ja.net/groups/moonshot https://community.ja.net/groups/moonshot A next generation trust infrastructure for ABFAB-based federated identity systems Implements draft-mrw-abfab-trust-router Functional Specification: https://community.ja.net/groups/moonshot/documents/draft- trust-router-specification https://community.ja.net/groups/moonshot/documents/draft- trust-router-specification Janet’s Trust Router

19 Terminology Trust Link – asserts that one Trust Router is willing and able to forward Trust Path Requests to another TR or AAA Server Trust Path – set of Trust Links that can be used by a specific Relying Party to reach an AAA Server in the domain of a specific Identity Provider A(T)->B(T) – a Trust Link between two Trust Routers for realms A and B

20 Trust Router Protocol B(T) ->C(T) C(T)->C(A) B(T)->E(T) E(T)->F(T) F(T)->F(A) C(T)->C(A) E(T)->F(T) F(T)->F(A) D(T)->E(T) E(T)->F(T) F(T)->F(A) E(T)->F(T) E(T)->F(A) F(T)->F(A) BF DE CA Realm C AAA Realm F AAA

21 Trust Path Query AAA server AAA client Relying Party domain Identity Provider domain 0 – Trust Router Protocol 1 - Trust Path Query Request 2 & 3 - Trust Path Traversal 4 - Temporary Identity Provisioned 5 - Trust Path Query Response 6 - AAA Authentication 7- Temporary Id lookup

22 MilestoneDate Management Portal Specification completeOctober 2012 Windows SSP public beta availableNovember 2012 Introduction to Moonshot Webinar14-Nov-12 (tbc) Identity Selector v1.0 availableDecember 2012 Windows SSP v1.0 availableJanuary 2013 Trust Router Public beta availableJanuary 2013 Moonshot Implementation Training Course PilotFebruary 2013 Trust Router v1.0 availableMarch 2013 Moonshot Implementation Training CourseMarch 2013 Service Pilot beginsApril 2013 Project Moonshot

23 https://community.ja.net/groups/moonshot/documents/draft- trust-router-specification - TR Functional Specification https://community.ja.net/groups/moonshot/documents/draft- trust-router-specification - Project website: cases studies, background information, latest news, links to code repository https://www.jiscmail.ac.uk/MOONSHOT-COMMUNITY is our community discussion mailing list https://www.jiscmail.ac.uk/MOONSHOT-COMMUNITY Implement Moonshot Join the Service Pilot Get involved!

24 Most Higher Education organisations are nearly Moonshot- ready today A RADIUS server (any modern RADIUS product should support testing today). Moonshot client and server plug-in Linux: packaging available for Debian & RHEL Windows: native support using prototype plugin Mac: Packaging complete for Snow Leopard and Lion Moonshot Identity Selector to facilitate the selection of an identity to use, for GUI environments (Windows, Mac & Linux) Deployment requirements 24

25 PuTTY  OpenSSH

26 26 IE  Apache

27 27 Outlook 2010  Exchange 2010

28 OpenSSH client  OpenSSH server (GSS) OpenLDAP client  OpenLDAP server (SASL) OpenLDAP client (GSS)  Windows Active Directory (SSPI) Firefox  Apache (GSS) Internet Explorer  IIS (SSPI) MyProxy client  MyProxy server (SASL) Adium  Jabberd (SASL) Console authentication using PAM/GSS on Linux and SSPI on Windows Examples of other tested scenarios

29 The architecture is currently being standardised within the IETF’s ‘ABFAB’ working group See https://datatracker.ietf.org/wg/abfab for documentshttps://datatracker.ietf.org/wg/abfab The key documents are – draft-ietf-abfab-arch describing the high-level architecture draft-ietf-abfab-arch – draft-ietf-abfab-gss-eap describing the core “GSS EAP” technology draft-ietf-abfab-gss-eap – draft-ietf-abfab-aaa-saml describing the use of SAML draft-ietf-abfab-aaa-saml Standardisation

30 https://community.ja.net/groups/moonshot/documents/draft- trust-router-specification - TR Functional Specification https://community.ja.net/groups/moonshot/documents/draft- trust-router-specification - Project website: cases studies, background information, latest news, links to code repository https://www.jiscmail.ac.uk/MOONSHOT-COMMUNITY is our community discussion mailing list https://www.jiscmail.ac.uk/MOONSHOT-COMMUNITY Implement Moonshot Join the Service Pilot Really get involved!

31 Janet, Lumen House Library Avenue, Harwell Oxford Didcot, Oxfordshire t: +44 (0) f: +44 (0) e: Thank you


Download ppt "John Chapman, Janet Fall 2012 Internet 2 Member Meeting 3 October 2012 Trust me, I’m an engineer: Engineering trust using a Trust Router infrastructure."

Similar presentations


Ads by Google